Security experts recently reported in the New York Times that websites fall into 2 categories.
Those websites that have been hacked, and those that do not yet know that they have been hacked.
If you know that your website has been hacked, it is pretty obvious. Your homepage and/or other content has been destroyed or replaced with a page that says, “your website has been hacked”.
The other kind is somewhat more surreptitious as you may not see outward signs of the hacking.
And of the 2, this is probably the worse as the hackers can continue to use your website for their various nefarious processes without you being being aware or taking corrective action.
At least when the hack is obvious, you can take immediate steps to fix it.
So . . .
What should I do if my website has been hacked?
What are the signals that your website has been hacked?
- Your website links through to a porn site, or some other site
- Your website is defaced or graffiti-ed
- You may get a notice from Google or Bing
- Your browser, such as Firefox or Chrome, may say that your site may be compromised
- You may notice things in the admin of your website, such as high traffic spikes, often from other countries
How does it happen?
Very briefly, the hacker must find some security breach in your website. So the better security precautions you take, the less chance you have of getting your website hacked.
We pass words and computers without virus software leave gaping holes for hackers to utilise.
Not keeping your website software up-to-date is a way that hackers can take advantage of nine software issues.
And using cheap, shared web hosting is another way that your website can get hacked.
So it has happened – what next?
What should I do if my website has been hacked?
1. Call for Support
Unless you are proficient with the website technology, then you are going to need help.
So stay calm, and call for technical support.
You can contact Hotpink Websites using this form, as our teams are experienced in website security.
Your web hosting company may, (or may not), also be able to assist you with this.
2. Gather the needed information
Ideally you will already have this information recorded and handy to forward to your support team:
- CMS Login
- Hosting Login
- Your web logs
- FTP / sFTP access credentials
- Backups
If you do not already have this information, then you should go about collating it now before you encounter an actual hacking experience.
3. Get offline
Get everything off-line while you do the cleanup process. This includes your website and also your computer as both may need to be cleansed.
4. The Cleanup
The cleanup can be a very complex process.
It involves downloading a backup of your website, and confirming that the backup has not been infected.
If you do not have a clean backup, then you must download the current website and analyse what has been done and how to fix it. Either way, it is important to find out how the hack was made so that you can put a Block on the same thing happening again.
All passwords and access should be updated and reviewed to ensure high security.
5. Update your web hosting
At Hotpink Websites, we have never had a client website hacked.
We believe that this is a result of the security measures and precautions that we have in place on our websites and hosting.
So it would be a good idea two consider moving your web hosting over to our management.
As with most things, “a stitch in time saves nine“, and “an ounce of prevention is better than a ton of cure“.
Enough with the cliches already. You get the picture.
Being prepared now may cost you a bit, but it will be far cheaper than experiencing a hacked website.
You can contact Hotpink Websites using this form, as our teams are experienced in website security.
Leave a Reply